telegramfraud.com
104.16.42.105
Public Scan
Effective URL: https://telegramfraud.com/en
Submission: On July 14 via automatic, source certstream-suspicious — Scanned from IT
Summary
TLS certificate: Issued by E5 on July 14th 2024. Valid for: 3 months.
This is the only time telegramfraud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
1 | 1 | 104.19.241.93 | 13335 (CLOUDFLARENET) |
30 | | 104.16.42.105 | 13335 (CLOUDFLARENET) |
2 | | 151.101.193.229 | 54113 (FASTLY) |
4 | | 142.250.184.200 | 15169 (GOOGLE) |
2 | | 142.250.185.106 | 15169 (GOOGLE) |
11 | 3 | 93.158.134.119 | 13238 (YANDEX) |
10 | | 172.217.18.3 | 15169 (GOOGLE) |
2 | | 52.216.33.137 | 16509 (AMAZON-02) |
2 | | 216.239.32.36 | 15169 (GOOGLE) |
7 | | 13.32.23.118 | 16509 (AMAZON-02) |
71 | | 10 | |
Domain | ASN | PTR |
---|---|---|
www.googletagmanager.com | ASN15169 (GOOGLE, US) | fra24s11-in-f8.1e100.net |
fonts.googleapis.com | ASN15169 (GOOGLE, US) | fra16s49-in-f10.1e100.net |
mc.yandex.ru, mc.yandex.com | ASN13238 (YANDEX, RU) | mc.yandex.ru |
fonts.gstatic.com | ASN15169 (GOOGLE, US) | fra15s28-in-f3.1e100.net |
plst237.s3.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-1-w.amazonaws.com |
d1muf25xaso8hp.cloudfront.net | ASN16509 (AMAZON-02, US) | server-13-32-23-118.fra56.r.cloudfront.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
31 | telegramfraud.com (1 redirects) | www.telegramfraud.com, telegramfraud.com | 1 MB |
10 | gstatic.com | fonts.gstatic.com | 82 KB |
8 | yandex.com (2 redirects) | mc.yandex.com — Cisco Umbrella Rank: 9753 | 4 KB |
7 | cloudfront.net | d1muf25xaso8hp.cloudfront.net | 34 KB |
4 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 72 | 151 KB |
3 | yandex.ru (1 redirects) | mc.yandex.ru — Cisco Umbrella Rank: 4033 | 70 KB |
2 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2681 | |
2 | amazonaws.com | plst237.s3.amazonaws.com — Cisco Umbrella Rank: 135951 | 7 KB |
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 74 | 1 KB |
2 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 352 | 22 KB |
71 | 10 | | |
Requests | Domain | Requested by |
---|---|---|
30 | telegramfraud.com | telegramfraud.com |
10 | fonts.gstatic.com | fonts.googleapis.com |
8 | mc.yandex.com (2 redirects) | telegramfraud.com, mc.yandex.ru |
7 | d1muf25xaso8hp.cloudfront.net | telegramfraud.com |
4 | www.googletagmanager.com | telegramfraud.com |
3 | mc.yandex.ru (1 redirects) | telegramfraud.com |
2 | region1.google-analytics.com | www.googletagmanager.com |
2 | plst237.s3.amazonaws.com | telegramfraud.com |
2 | fonts.googleapis.com | telegramfraud.com |
2 | cdn.jsdelivr.net | telegramfraud.com |
1 | www.telegramfraud.com (1 redirects) | |
71 | 11 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
telegramfraud.com | E5 | 2024-07-14 - 2024-10-12 | 3 months |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year |
*.google-analytics.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months |
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months |
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2024-05-23 - 2024-11-02 | 5 months |
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months |
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2024-04-22 - 2025-04-07 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
This page contains 3 frames:
Primary Page:
https://telegramfraud.com/en
Frame ID: 1F51B64E48A931CEABEC46445914B3EC
Requests: 71 HTTP requests in this frame
Frame:
https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 8FD90BF2ABFA7735CC1436F7D6CECFDD
Requests: 1 HTTP requests in this frame
Frame:
https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 10385DDF3FF7A32DD00512A9910E0BBC
Requests: 1 HTTP requests in this frame
Page Title
Register of unreliable telegram channels and authors
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics)
Detected patterns
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Yandex.Metrika (Analytics)
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.telegramfraud.com/ HTTP 301
  https://telegramfraud.com/ Page URL
- https://telegramfraud.com/en Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://www.telegramfraud.com/ HTTP 301
- https://telegramfraud.com/
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10430.vmMJ6r31dARAzVHjGNa8LTOXXc5rlejI8vUWS1IXJc2UjRaJEt4z_0lFOVyt1Vir.mW-8PbQEmoAZa4EpF6bnKfxFJZE%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10430.9ULeHuGgwV2ePGUTc7Zyy5jpiO-HmJPLuIL1wiHkJIIgqHTA0xgv2yB-wNBTRPKau3BIUm6QLdHeobPJm8R-qxqmJiMPxM3FCNNnQk1e3ruOAoD8mHdktIBm-L3zResYbzVbW8_hL24stiI1L101CV8jFAy8Kkscz-b64uArHFqpWjwbl_e7Ppv8whwu1Ti5f4PcRFUT0onp92GKEg9FnG2EidZMYR_p2VSFoaqsI70%2C.hvt-eaarUfgp4NeELbjdJFkyXtA%2C
- https://mc.yandex.com/watch/97125067?wmode=7&page-url=https%3A%2F%2Ftelegramfraud.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A889147338740%3Ahid%3A92232489%3Az%3A120%3Ai%3A20240714235541%3Aet%3A1720994139%3Ac%3A1%3Arn%3A653436805%3Arqn%3A1%3Au%3A1720994139845525914%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C204%2C829%2C3%2C606%2C0%2C%2C1134%2C0%2C%2C%2C%2C3266%3Aco%3A0%3Acpf%3A1%3Ans%3A1720994137621%3Agi%3AR0ExLjEuMTkzMjY0OTkxMC4xNzIwOTk0MTQx%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720994139%3At%3A%D0%A0%D0%B5%D0%B5%D1%81%D1%82%D1%80%20%D0%BD%D0%B5%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%BD%D0%B0%D0%B4%D0%B5%D0%B6%D0%BD%D1%8B%D1%85%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
- https://mc.yandex.com/watch/97125067/1?wmode=7&page-url=https%3A%2F%2Ftelegramfraud.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A889147338740%3Ahid%3A92232489%3Az%3A120%3Ai%3A20240714235541%3Aet%3A1720994139%3Ac%3A1%3Arn%3A653436805%3Arqn%3A1%3Au%3A1720994139845525914%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C204%2C829%2C3%2C606%2C0%2C%2C1134%2C0%2C%2C%2C%2C3266%3Aco%3A0%3Acpf%3A1%3Ans%3A1720994137621%3Agi%3AR0ExLjEuMTkzMjY0OTkxMC4xNzIwOTk0MTQx%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720994139%3At%3A%D0%A0%D0%B5%D0%B5%D1%81%D1%82%D1%80%20%D0%BD%D0%B5%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%BD%D0%B0%D0%B4%D0%B5%D0%B6%D0%BD%D1%8B%D1%85%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
71 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | telegramfraud.com/ (Redirect Chain) | 14 KB | 5 KB | Document | text/html |
GET | H2 | early.js | telegramfraud.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ | 24 KB | 9 KB | Script | application/javascript |
GET | H2 | run.css | telegramfraud.com/package/run_css/4348e415a813276d32d0314ca46ae80dafa65c4f713c1746ffa74ef23dba47af/fraud-telegram/live/index/xfalse/xfalse/ | 43 KB | 7 KB | Stylesheet | text/css |
GET | H2 | pre_run_jquery.js | telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ | 88 KB | 32 KB | Script | application/javascript |
GET | H2 | run.js | telegramfraud.com/package/run_js/7bb052db5df25e4da0570736f9d86bd1baf6a3d8af94aac3be23b93c539e9b0b/xfalse/x29/ | 3 MB | 740 KB | Script | application/javascript |
GET | H2 | static.js | telegramfraud.com/package/static_js/6104fe6e4fb03186cf9416ccc4d13688f1270fdfe7b295fd54305a3031529a19/fraud-telegram/live/index/xnull/xfalse/xfalse/xfalse/ | 195 KB | 45 KB | Script | application/javascript |
GET | H2 | dynamic.js | telegramfraud.com/package/dynamic_js/5ce5880aea7da5a2f5e1abc8f93fcff148694e2941e9ae71ec4493fa2bf0c303/fraud-telegram/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/ | 40 KB | 12 KB | Script | application/javascript |
GET | H2 | feather-icons | cdn.jsdelivr.net/npm/ | 74 KB | 22 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 307 KB | 102 KB | Script | application/javascript |
GET | H2 | css | fonts.googleapis.com/ | 9 KB | 1 KB | Stylesheet | text/css |
GET | H2 | data | telegramfraud.com/api/1.1/init/ | 283 B | 868 B | XHR | text/plain |
GET | H2 | tag.js | mc.yandex.ru/metrika/ | 200 KB | 70 KB | Script | application/javascript |
GET | H2 | -F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2 | fonts.gstatic.com/s/ibmplexmono/v19/ | 14 KB | 15 KB | Font | font/woff2 |
GET | H2 | -F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2 | fonts.gstatic.com/s/ibmplexmono/v19/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | -F6qfjptAgt5VM-kVkqdyU8n3vAOwlBFgg.woff2 | fonts.gstatic.com/s/ibmplexmono/v19/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | -F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2 | fonts.gstatic.com/s/ibmplexmono/v19/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2 | fonts.gstatic.com/s/raleway/v34/ | 22 KB | 22 KB | Font | font/woff2 |
GET | H/1.1 | plst.js | plst237.s3.amazonaws.com/ | 7 KB | 7 KB | Script | application/javascript |
GET | DATA | truncated | / | 42 B | 0 | Image | image/gif |
POST | H2 | hi | telegramfraud.com/user/ | 57 B | 811 B | XHR | application/json |
GET | H2 | js | www.googletagmanager.com/gtag/ | 127 KB | 49 KB | Script | application/javascript |
POST | H2 | start | telegramfraud.com/workflow/ | 801 B | 928 B | XHR | application/json |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 0 | Fetch | text/plain |
POST | H2 | m | telegramfraud.com/user/ | 4 B | 573 B | XHR | text/plain |
GET | H2 | sync_cookie_image_decide | mc.yandex.com/ (Redirect Chain) | 43 B | 668 B | Image | image/gif |
GET | H2 | advert.gif | mc.yandex.com/metrika/ | 43 B | 598 B | Image | image/gif |
GET | H2 | 1 | mc.yandex.com/watch/97125067/ (Redirect Chain) | 447 B | 539 B | Fetch | application/json |
GET | H2 | https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1713267793663x429426331715707200%2Ffavicon.png | d1muf25xaso8hp.cloudfront.net/ | 3 KB | 4 KB | Other | image/png |
GET | H2 | metrika_match.html | mc.yandex.com/metrika/ (Frame 8FD9) | 0 | 0 | Document | text/html |
POST | H2 | mget | telegramfraud.com/elasticsearch/ | 341 B | 809 B | XHR | application/json |
GET | H2 | en (Primary Request) | telegramfraud.com/ | 14 KB | 5 KB | Document | text/html |
POST | H2 | apm | telegramfraud.com/user/ | 4 B | 530 B | XHR | application/json |
POST | | collect | region1.google-analytics.com/g/ | 0 | 0 | | |
POST | | 97125067 | mc.yandex.com/webvisor/ | 0 | 0 | | |
POST | | 97125067 | mc.yandex.com/webvisor/ | 0 | 0 | | |
GET | H2 | early.js | telegramfraud.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ | 24 KB | 0 | Script | application/javascript |
GET | H2 | run.css | telegramfraud.com/package/run_css/89ef2af7b89418548622a7e486e8ff033a6f6fbbb7ae2bdb8d9cb2c3993872be/fraud-telegram/live/en/xfalse/xfalse/ | 73 KB | 14 KB | Stylesheet | text/css |
GET | H2 | pre_run_jquery.js | telegramfraud.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ | 88 KB | 0 | Script | application/javascript |
GET | H2 | run.js | telegramfraud.com/package/run_js/7bb052db5df25e4da0570736f9d86bd1baf6a3d8af94aac3be23b93c539e9b0b/xfalse/x29/ | 3 MB | 0 | Script | application/javascript |
GET | H2 | static.js | telegramfraud.com/package/static_js/77f73d89810f262b3e43ac58e35d908d46e452b9da5a103f51c695c0d726887b/fraud-telegram/live/en/xnull/xfalse/xfalse/xfalse/ | 195 KB | 47 KB | Script | application/javascript |
GET | H2 | dynamic.js | telegramfraud.com/package/dynamic_js/54b5ee77f30cb0b4a57fe00a3310a1badf0c7870401a01d7f393fde408867bde/fraud-telegram/live/en/xnull/xfalse/xfalse/en_us/xfalse/xfalse/ | 341 KB | 44 KB | Script | application/javascript |
GET | H2 | feather-icons | cdn.jsdelivr.net/npm/ | 74 KB | 0 | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 307 KB | 0 | Script | application/javascript |
GET | H2 | css | fonts.googleapis.com/ | 9 KB | 0 | Stylesheet | text/css |
GET | H2 | data | telegramfraud.com/api/1.1/init/ | 313 B | 896 B | XHR | text/plain |
GET | H2 | -F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2 | fonts.gstatic.com/s/ibmplexmono/v19/ | 14 KB | 0 | Font | font/woff2 |
GET | H2 | -F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2 | fonts.gstatic.com/s/ibmplexmono/v19/ | 15 KB | 0 | Font | font/woff2 |
GET | H2 | -F6qfjptAgt5VM-kVkqdyU8n3vAOwlBFgg.woff2 | fonts.gstatic.com/s/ibmplexmono/v19/ | 15 KB | 0 | Font | font/woff2 |
GET | H2 | -F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2 | fonts.gstatic.com/s/ibmplexmono/v19/ | 15 KB | 0 | Font | font/woff2 |
GET | H2 | 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2 | fonts.gstatic.com/s/raleway/v34/ | 22 KB | 0 | Font | font/woff2 |
GET | H2 | tag.js | mc.yandex.ru/metrika/ | 200 KB | 0 | Script | application/javascript |
GET | DATA | truncated | / | 42 B | 0 | Image | image/gif |
GET | H/1.1 | plst.js | plst237.s3.amazonaws.com/ | 7 KB | 0 | Script | application/javascript |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 0 | Fetch | text/plain |
GET | H2 | fontawesome-4.7.0.svg | telegramfraud.com/static/icon_libraries/ | 611 KB | 175 KB | Other | image/svg+xml |
POST | H2 | hi | telegramfraud.com/user/ | 57 B | 759 B | XHR | application/json |
GET | H2 | https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710624986870x143343342989221700%2F283d0b47-6790-404c-b642-88e2679c11ac.webp | d1muf25xaso8hp.cloudfront.net/ | 2 KB | 2 KB | Image | image/jpeg |
GET | H2 | https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710620967265x818431606343276500%2F5c91dc58-a7dd-4e69-b402-820c20d881c9.webp | d1muf25xaso8hp.cloudfront.net/ | 25 KB | 26 KB | Image | image/jpeg |
GET | H2 | js | www.googletagmanager.com/gtag/ | 127 KB | 0 | Script | application/javascript |
POST | H2 | msearch | telegramfraud.com/elasticsearch/ | 14 KB | 6 KB | XHR | application/json |
POST | H2 | maggregate | telegramfraud.com/elasticsearch/ | 70 B | 649 B | XHR | application/json |
GET | H2 | https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710620967265x818431606343276500%2F5c91dc58-a7dd-4e69-b402-820c20d881c9.webp | d1muf25xaso8hp.cloudfront.net/ | 25 KB | 0 | Image | image/jpeg |
GET | H2 | 97125067 | mc.yandex.com/watch/ | 447 B | 661 B | Fetch | application/json |
GET | H2 | https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1713302343040x866466749418657300%2Funited%2520states%2520%25281%2529.png | d1muf25xaso8hp.cloudfront.net/ | 1 KB | 2 KB | Image | image/png |
POST | H2 | mget | telegramfraud.com/elasticsearch/ | 341 B | 781 B | XHR | application/json |
GET | H2 | https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1710624986870x143343342989221700%2F283d0b47-6790-404c-b642-88e2679c11ac.webp | d1muf25xaso8hp.cloudfront.net/ | 2 KB | 0 | Image | image/jpeg |
GET | H2 | metrika_match.html | mc.yandex.com/metrika/ (Frame 1038) | 0 | 0 | Document | text/html |
POST | H2 | msearch | telegramfraud.com/elasticsearch/ | 108 KB | 28 KB | XHR | application/json |
POST | H2 | bulk_watch | telegramfraud.com/elasticsearch/ | 153 B | 719 B | XHR | application/json |
POST | H2 | m | telegramfraud.com/user/ | 4 B | 551 B | XHR | text/plain |
GET | | -F63fjptAgt5VM-kVkqdyU8n1isq129k.woff2 | fonts.gstatic.com/s/ibmplexmono/v19/ | 0 | 0 | | |
POST | H2 | apm | telegramfraud.com/user/ | 4 B | 587 B | XHR | application/json |
GET | H2 | https%3A%2F%2Fac28f1ae4aac704c41592fda08d4ed56.cdn.bubble.io%2Ff1713302343040x866466749418657300%2Funited%2520states%2520%25281%2529.png | d1muf25xaso8hp.cloudfront.net/ | 1 KB | 0 | Image | image/png |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: region1.google-analytics.com
  URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-64FBLDR671&gtm=45je4790v9180417855za200&_p=1720994140374&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1932649910.1720994141&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1720994141&sct=1&seg=0&dl=https%3A%2F%2Ftelegramfraud.com%2F&dt=%D0%A0%D0%B5%D0%B5%D1%81%D1%82%D1%80%20%D0%BD%D0%B5%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%BD%D0%B0%D0%B4%D0%B5%D0%B6%D0%BD%D1%8B%D1%85%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B3%D1%80%D0%B0%D0%BC%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2&en=user_engagement&_et=1499&tfd=2705&_z=fetch
- Domain: mc.yandex.com
  URL: https://mc.yandex.com/webvisor/97125067?wv-part=1&wv-type=7&wmode=0&wv-hit=92232489&page-url=https%3A%2F%2Ftelegramfraud.com%2F&rn=417512918&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1720994140%3Aw%3A1600x1200%3Av%3A1382%3Az%3A120%3Ai%3A20240714235542%3Au%3A1720994139845525914%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Ast%3A1720994140&t=gdpr(14)ti(1)
- Domain: mc.yandex.com
  URL: https://mc.yandex.com/webvisor/97125067?wv-part=1&wv-type=7&wmode=0&wv-hit=92232489&page-url=https%3A%2F%2Ftelegramfraud.com%2F&rn=417512918&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1720994140%3Aw%3A1600x1200%3Av%3A1382%3Az%3A120%3Ai%3A20240714235542%3Au%3A1720994139845525914%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Ast%3A1720994140&t=gdpr(14)ti(2)
- Domain: fonts.gstatic.com
  URL: https://fonts.gstatic.com/s/ibmplexmono/v19/-F63fjptAgt5VM-kVkqdyU8n1isq129k.woff2
69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| bubble_session_uid object| headers_source_maps function| make_proxy function| appquery function| Lib function| load_error_function object| load_error_log function| disableLoadErrorFunction object| _bubble_page_load_data object| webfont object| WebFont function| FontFaceObserver string| gm_key string| bubble_page_load_id string| bubble_plp_token string| _p string| bubble_page_name boolean| google_web_fonts_active object| fontface_loaded boolean| all_fontface_loaded function| $ function| jQuery string| bubble_bundle_name function| clearImmediate function| setImmediate object| BrowserDetect function| highlight_dom_changes function| local_storage_fallback object| u object| element_performance_counts function| kill_notifier_socket function| restore_notifier_socket number| server_time_offset object| client_db object| safe_require object| __algolia object| testing function| authenticate_as object| document_ready_key function| gapListener function| display_page function| switch_page function| Lib_post_load object| preloaded number| bubble_version object| __code__ object| optional_modules object| plugins object| bubble_run_derived function| gtag object| dataLayer object| translation_data object| language_data string| application_language object| app function| everything_ready function| wait_for_everything object| feather function| ym object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal boolean| plst number| render_end_timestamp object| attributes object| gtag_script object| Ya object| yaCounter97125067
24 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.telegramfraud.com/ | | Name: fraud-telegram_live_u2main Value: bus\|1720994138920x783627855730478700\|1720994138928x117043169618416210 |
.telegramfraud.com/ | | Name: fraud-telegram_live_u2main.sig Value: GrLcaEt4QRskwujXYhI_n8SUKIA |
.telegramfraud.com/ | | Name: fraud-telegram_u1main Value: 1720994138920x783627855730478700 |
.yandex.ru/ | | Name: i Value: 4fAzeHUpulJJ6B5QhtfN1kkVwDApOb8hJ5oba6bAizegourGj3fdsLlakTZtiUDklXyiN/fVRl6T6zYp6ZU86JNKF7M= |
.yandex.ru/ | | Name: yandexuid Value: 99811151720994140 |
.yandex.ru/ | | Name: yashr Value: 6217045291720994140 |
.telegramfraud.com/ | | Name: _ga Value: GA1.1.1932649910.1720994141 |
.telegramfraud.com/ | | Name: _ym_uid Value: 1720994139845525914 |
.telegramfraud.com/ | | Name: _ym_d Value: 1720994139 |
.mc.yandex.com/ | | Name: sync_cookie_csrf Value: 2845729886fake |
.yandex.com/ | | Name: yashr Value: 4635796671720994141 |
.telegramfraud.com/ | | Name: _ym_isad Value: 2 |
.mc.yandex.ru/ | | Name: sync_cookie_csrf Value: 3976286131fake |
.yandex.com/ | | Name: yandexuid Value: 99811151720994140 |
.yandex.com/ | | Name: yuidss Value: 99811151720994140 |
.yandex.com/ | | Name: i Value: 4fAzeHUpulJJ6B5QhtfN1kkVwDApOb8hJ5oba6bAizegourGj3fdsLlakTZtiUDklXyiN/fVRl6T6zYp6ZU86JNKF7M= |
.yandex.com/ | | Name: yp Value: 1721080541.yu.8228075091720994141 |
.mc.yandex.com/ | | Name: sync_cookie_ok Value: synced |
mc.yandex.com/ | | Name: yabs-sid Value: 1333534631720994141 |
.yandex.com/ | | Name: ymex Value: 1723586141.oyu.8228075091720994141#1752530141.yrts.1720994141 |
.yandex.com/ | | Name: receive-cookie-deprecation Value: 1 |
.yandex.com/ | | Name: bh Value: KgI/MA== |
.telegramfraud.com/ | | Name: _ym_visorc Value: w |
.telegramfraud.com/ | | Name: _ga_64FBLDR671 Value: GS1.1.1720994141.1.1.1720994143.0.0.0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'none'; |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.